来自 MySQL手册:

有几种方法可以在字符串中包含引号字符:

There are several ways to include quote characters within a string:

• 用'引用的字符串中的'可能写为''.

• A "'" inside a string quoted with "'" may be written as "''".

用"引用的字符串中的"可能写为"".

A """ inside a string quoted with """ may be written as """".

在引号字符前加上转义字符(\).

Precede the quote character by an escape character ("\").

用"引用的字符串中的'不需要特殊处理，不需要加倍或转义.以同样的方式，用'引用的字符串内的"不需要特殊处理.

A "'" inside a string quoted with """ needs no special treatment and need not be doubled or escaped. In the same way, """ inside a string quoted with "'" needs no special treatment.

使用php进行编码时，请记住在字符串文字中使用\\以在字符串值中获得单个\.

When coding in php, remember to use \\ in a string literal to get a single \ in the string value.

如果要转义HTML属性中的引号，请将'替换为".或者，用"引用属性值.这些是无论字符串值来自何处都可以使用的技术.参见此线程.

If you want to escape the quote in an HTML attribute, replace the ' with ". Alternatively, quote the attribute value with ". These are the techniques to use regardless of where the string value came from. See this thread.